CVE-2023-50945
- EPSS 0.05%
- Veröffentlicht 26.01.2025 16:15:30
- Zuletzt bearbeitet 11.03.2025 18:10:30
IBM Common Licensing 9.0 stores user credentials in plain clear text which can be read by a local user.
CVE-2023-50946
- EPSS 0.05%
- Veröffentlicht 26.01.2025 16:15:30
- Zuletzt bearbeitet 11.03.2025 18:03:46
IBM Common Licensing 9.0 could allow an authenticated user to modify a configuration file that they should not have access to due to a broken authorization mechanism.
CVE-2024-40697
- EPSS 0.05%
- Veröffentlicht 13.08.2024 11:15:17
- Zuletzt bearbeitet 22.08.2024 13:27:20
IBM Common Licensing 9.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 297895.
CVE-2024-41774
- EPSS 0.08%
- Veröffentlicht 13.08.2024 11:15:17
- Zuletzt bearbeitet 24.08.2024 11:15:05
IBM Common Licensing 9.0 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure...
CVE-2023-50306
- EPSS 0.01%
- Veröffentlicht 20.02.2024 14:15:08
- Zuletzt bearbeitet 12.02.2025 17:01:45
IBM Common Licensing 9.0 could allow a local user to enumerate usernames due to an observable response discrepancy. IBM X-Force ID: 273337.